A vulnerability in the filesystem of Cisco IOS XE Software could allow an authenticated, local attacker within the IOx Guest Shell to modify the namespace container protections on an affected device. The vulnerability is due to insufficient file permissions. An attacker could exploit this vulnerability by modifying files that they should not have access to. A successful exploit could allow the attacker to remove container protections and perform file actions outside the namespace of the container.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2019-09-25T20:16:02.377889Z
Updated: 2024-09-16T19:00:37.626Z
Reserved: 2019-06-04T00:00:00
Link: CVE-2019-12670
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-09-25T21:15:11.687
Modified: 2020-10-08T14:04:48.943
Link: CVE-2019-12670
Redhat
No data.